IT security news on the latest technology and the number one resource for your hardware and software needs.
Visit us at www.hyphenet.com

Thursday, August 1, 2013

Cell Phone SIM Cards Being Hacked!

We know those tiny gold chips hidden inside our phones that hold the
key to our dearest gems. Phone numbers, account numbers, passwords,
games, and the irreplaceable pictures from way back when. Research has
shown that millions of SIM cards in use today are vulnerable to being
hacked. These memory bites are susceptible to being cloned remotely, or
even have the voice mail numbers changed in the blink of an eye.
These cards are vulnerable from a Seventies-era cipher that are being used worldwide, according to Security Research Labs.
Karsten Nohl from Security Research Labs states, “With over seven
billion cards in active use, SIMs may well be the most widely used
security token in the world.”
The hacked SIM cards, allow spying, encryption keys for calls, SMSs
being read, and mobile identity. There are over six billion cellphones
being used today, and not everyone is updated with a smartphone that
doesn’t use a SIM card.
The outdated SIM cards have a Data Encryption Standard (DES
encryption) which is an algorithm for the encryption of electronic
data. Nohl tested 1,000 SIMs in the time-frame of two years and found
that 1/4 of those were vulnerable.

Java Applets

So the hackers would send a neglected signed OTA command with the SIM
cards responding as a cryptographic signature which is then resolved to
a 56-bit key on the computer. This is how the attacker installs the
Java applets. The Java applet can then break out out and access the
rest of the card. Newer cards are being designed to protect such
attacks from happening, networks and handsets are getting on board with
these defense techniques.